jeudi 20 juin 2019    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Google Android up to 9.0 Linkify.java addLinks Remote Code Execution

A vulnerability, which was classified as critical, has been found in Google Android up to 9.0 (Smartphone Operating System). Affected by this issue is the function addLinks of the file Linkify.java. The manipulation with an unknown input leads...
Auteur: VulDB

Google Android up to 9.0 ihevcd_fmt_conv.c ihevcd_fmt_conv_420sp_to_420p memory corruption

A vulnerability classified as critical was found in Google Android up to 9.0. Affected by this vulnerability is the function ihevcd_fmt_conv_420sp_to_420p of the file ihevcd_fmt_conv.c. The manipulation with an unknown input leads to a memory...
Auteur: VulDB

Google Android up to 9.0 ih264d_format_conv.c ih264d_fmt_conv_420sp_to_420p memory corruption

A vulnerability classified as critical has been found in Google Android up to 9.0 (Smartphone Operating System). Affected is the function ih264d_fmt_conv_420sp_to_420p of the file ih264d_format_conv.c. The manipulation with an unknown input...
Auteur: VulDB

Google Android 7.0/7.1.1/7.1.2/8.0 Warning Dialog TextServicesManagerService.java findAvailSpellCheckerLocked privilege escalation

A vulnerability was found in Google Android 7.0/7.1.1/7.1.2/8.0. It has been rated as critical. This issue affects the function findAvailSpellCheckerLocked of the file TextServicesManagerService.java of the component Warning Dialog. The...
Auteur: VulDB

Cisco Prime Infrastructure Virtual Domain System API Request privilege escalation

A vulnerability was found in Cisco Prime Infrastructure (Network Management Software) (the affected version is unknown). It has been declared as critical. This vulnerability affects some unknown processing of the component Virtual Domain System....
Auteur: VulDB

Cisco Email Security Appliance GZIP Decompression Engine privilege escalation

A vulnerability was found in Cisco Email Security Appliance (Anti-Malware Software) (the affected version unknown). It has been classified as critical. This affects an unknown code block of the component GZIP Decompression Engine. The...
Auteur: VulDB

Cisco Security Manager XML Data XML External Entity [CVE-2019-1903]

A vulnerability was found in Cisco Security Manager (affected version not known) and classified as critical. Affected by this issue is an unknown code of the component XML Data Handler. The manipulation with an unknown input leads to a privilege...
Auteur: VulDB

CERTFR-2019-ALE-011 : Vulnérabilité dans Oracle WebLogic (20 juin 2019)

Le 18 juin 2019, Oracle a publié un avis de sécurité hors de son cycle habituel de correctifs pour une vulnérabilité jugée critique. Cette faille d'identifiant CVE-2019-2729 affecte les serveurs WebLogic et peut conduire à une exécution de code...
Auteur: Cert FR

CERTFR-2019-ALE-010 : Vulnérabilité dans Mozilla Firefox (20 juin 2019)

Le 18 juin 2019, l'éditeur Mozilla a publié un avis de sécurité annonçant la mise à disposition d'un correctif de sécurité pour son navigateur Firefox. Ce dernier est affecté par une vulnérabilité de confusion de type pouvant mener à une...
Auteur: Cert FR

Cisco RV110W/RV130W/RV215W HTTP Request information disclosure

A vulnerability has been found in Cisco RV110W, RV130W and RV215W (affected version unknown) and classified as problematic. Affected by this vulnerability is an unknown part. The manipulation as part of a HTTP Request leads to a information...
Auteur: VulDB

Cisco RV110W/RV130W/RV215W Web-based Management Interface HTTP Request information disclosure

A vulnerability, which was classified as problematic, was found in Cisco RV110W, RV130W and RV215W (version unknown). Affected is some unknown functionality of the component Web-based Management Interface. The manipulation as part of a HTTP...
Auteur: VulDB

Cisco RV110W/RV130W/RV215W Web-based Management Interface denial of service

A vulnerability, which was classified as problematic, has been found in Cisco RV110W, RV130W and RV215W (unknown version). This issue affects an unknown functionality of the component Web-based Management Interface. The manipulation with an...
Auteur: VulDB

Cisco Integrated Management Controller CLI command injection

A vulnerability classified as critical was found in Cisco Integrated Management Controller (the affected version is unknown). This vulnerability affects an unknown function of the component CLI. The manipulation with an unknown input leads to a...
Auteur: VulDB

Cisco Telepresence Codec/Collaboration Endpoint Cisco Discovery Protocol CDP Packet command injection

A vulnerability classified as critical has been found in Cisco Telepresence Codec and Collaboration Endpoint (Unified Communication Software) (the affected version unknown). This affects some unknown processing of the component Cisco Discovery...
Auteur: VulDB

Cisco Wide Area Application Services HTTPS Proxy Connection Request privilege escalation

A vulnerability was found in Cisco Wide Area Application Services (affected version not known). It has been rated as critical. Affected by this issue is an unknown code block of the component HTTPS Proxy. The manipulation as part of a Connection...
Auteur: VulDB

Cisco Prime Service Catalog Web-based Management Interface cross site scripting

A vulnerability was found in Cisco Prime Service Catalog (affected version unknown). It has been declared as problematic. Affected by this vulnerability is an unknown code of the component Web-based Management Interface. The manipulation with an...
Auteur: VulDB

Cisco Prime Service Catalog Web-based Management Interface cross site request forgery

A vulnerability was found in Cisco Prime Service Catalog (version unknown). It has been classified as problematic. Affected is an unknown part of the component Web-based Management Interface. The manipulation with an unknown input leads to a...
Auteur: VulDB

Cisco StarOS Packet Processor Crafted Packet denial of service

A vulnerability was found in Cisco StarOS (unknown version) and classified as problematic. This issue affects some unknown functionality of the component Packet Processor. The manipulation as part of a Crafted Packet leads to a denial of service...
Auteur: VulDB

Cisco Digital Network Architecture Access Restriction weak authentication

A vulnerability has been found in Cisco Digital Network Architecture (the affected version is unknown) and classified as critical. This vulnerability affects an unknown functionality of the component Access Restriction. The manipulation with an...
Auteur: VulDB

Cisco RV110W Wireless-N VPN Firewall Web-based Management Interface HTTP Requests denial of service

A vulnerability, which was classified as problematic, was found in Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router and Cisco RV215W Wireless-N VPN Router (Firewall Software) (the affected version unknown)....
Auteur: VulDB

Cisco Integrated Management Controller Web-based Management Interface cross site request forgery

A vulnerability, which was classified as problematic, has been found in Cisco Integrated Management Controller (affected version not known). Affected by this issue is some unknown processing of the component Web-based Management Interface. The...
Auteur: VulDB

Cisco Integrated Management Controller Web-based Management Interface HTTP Request information disclosure

A vulnerability classified as problematic was found in Cisco Integrated Management Controller (affected version unknown). Affected by this vulnerability is an unknown code block of the component Web-based Management Interface. The manipulation ...
Auteur: VulDB

Cisco Integrated Management Controller Firmware Signature Validator memory corruption

A vulnerability classified as critical has been found in Cisco Integrated Management Controller (version unknown). Affected is an unknown code of the component Firmware Signature Validator. The manipulation with an unknown input leads to a...
Auteur: VulDB

Cisco Integrated Management Controller Configuration Import Utility privilege escalation

A vulnerability was found in Cisco Integrated Management Controller (unknown version). It has been rated as critical. This issue affects an unknown part of the component Configuration Import Utility. The manipulation with an unknown input leads...
Auteur: VulDB

Cisco Integrated Management Controller Web Server HTTP Request memory corruption

A vulnerability was found in Cisco Integrated Management Controller (the affected version is unknown). It has been declared as critical. This vulnerability affects some unknown functionality of the component Web Server. The manipulation as part...
Auteur: VulDB
12345678910Last

Événements SSI

HACK IN PARIS

Pour sa 9ème édition la conférence Hack In Paris sur la sécurité IT se tient du 16 au 20 juin 2019 à Paris, Maison de la Chimie. Organisée par Sysdream.

LES ASSISES

Grand rendez-vous annuel des RSSI, les Assises de la sécurité des systèmes d'information se tiennent à Monaco (Grimaldi Forum) du 9 au 12 octobre 2019. Organisées par DG Consultants.

Présentation par l'organisateur



Retour sur Les Assises 2018

La 18ème édition des Assises de la Sécurité à Monaco, c’est terminé ! Encore merci aux 2800 participants dont les 160 partenaires qui pendant trois jours se sont retrouvés pour faire vivre cet événement unique en France. Conférences, one-to-one, tables-rondes, ateliers, moments de networking… Par leur contenu, par la qualité des visiteurs et par la richesse des échanges, les Assises se positionnent plus que jamais comme le rendez-vous incontournable de tous les professionnels de la cybersécurité. A l’image du marché qui ne cesse d’évoluer, les Assises savent adapter leur offre afin de répondre au mieux aux attentes du secteur. Ainsi cette édition a-t-elle voulu mettre en avant les grands enjeux du moment en multipliant les prises de parole, les démonstrations et les retours d’expérience.

Rendez-vous maintenant pour la prochaine édition qui aura lieu du 9 au 12 octobre 2019

Plus d'informations sur le site dédié à l'événement.

RSS